How to enable HTML tag for members ?

Tjda · September 10, 2009, 12:23:04 AM

It's a Simple question, how to enable HTML tag for members, by default only admins have it.

This tag:

[html][/html]

Dannii · September 10, 2009, 12:24:55 AM

That would be a big security risk. Why do you want to?

N3RVE · September 10, 2009, 01:08:20 AM

Indeed. Although this can be accomplished, the forum will be vulnerable to hacker attacks. There's a reason why it's limited to Administrators only.

-[n3rve]

Tjda · September 10, 2009, 01:53:25 AM

hum... I had one forum, with almost 3 years, with the HTML permission enable, and the forum have more than 17 000 members

the risk in SMF 2.0 is the same at SMF 1.1.x ?

sAce · September 10, 2009, 02:11:51 AM

off topic :p

but what exactly is the risk,
i know there is a risk, but what is it ? can anyone please explain.

------------------------------------------------
1stly you shouldn't enable is for regulars
but if you are ok with the risk then ,
topics & posts >> bbc codes

N3RVE · September 10, 2009, 02:36:58 AM

Bottom line, it is not recommended and never will because it makes the forum susceptible to attacks, HTML can be used to hack the forum. What exactly is it you want to do with HTML that BBC can't handle?

-[n3rve]

Arantor · September 10, 2009, 03:25:34 AM

Quote from: S-Ace on September 10, 2009, 02:11:51 AM
off topic :p

but what exactly is the risk,
i know there is a risk, but what is it ? can anyone please explain.

If you allow members to put in arbitrary HTML, that includes arbitrary Javascript, Flash, Java... any kind of malware you can think of can be embedded like that and downloaded to the user's computer - potentially infecting them with more.

H · September 10, 2009, 04:56:11 AM

Admin area > Posts and Topics > Bulletin Board Code > Enable basic HTML in posts

That setting will enable safe html in posts.
There is also a mod that lets you choose which membergroups can use the html bbcode however this has not yet been upgraded for SMF 2.0

Tjda · September 10, 2009, 10:15:11 AM

how to enable for mods ?

Arantor · September 10, 2009, 10:17:15 AM

That setting will enable basic HTML for all users, not full HTML for admins+mods.

Tjda · September 10, 2009, 11:22:21 AM

y, i talking about tag HTML for mods

Arantor · September 10, 2009, 11:23:24 AM

There isn't a mod for it other than the one mentioned above.

I might - if I get time - look at writing it because it shouldn't be a huge mod.

What would you need mods to post in raw HTML that couldn't be expressed in, say, custom BBcode?

Tjda · September 10, 2009, 01:41:02 PM

Embed videos, images (deviantart) and games from many sites.

Arantor · September 10, 2009, 02:18:20 PM

Video embedder - AEVA, plus other mods.

Images - [img] usually works well enough, not sure what they'd need that img doesn't provide.

Games - you can embed Flash already without giving out HTML access, though it's limited.

Tjda · September 10, 2009, 05:46:51 PM

i know, but HTML tag is more easy for members.

is easy edit the AEVA ?

Arantor · September 10, 2009, 06:00:12 PM

AEVA - members just copy and paste the URL in, no more than that.

Tjda · September 10, 2009, 07:49:14 PM

i know xD

edit, but is for add new sites for AEVA

Arantor · September 10, 2009, 08:34:43 PM

Which sites doesn't it cover? It already has over 200 video sharing sites.

H · September 11, 2009, 03:56:11 PM

Indeed, and you can likely request additional sites in the mods topic, if you need to

News:

How to enable HTML tag for members ?